This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KuP5S18d3wf6sYBEiALEXjMQfeI.roa File: KuP5S18d3wf6sYBEiALEXjMQfeI.roa (raw, json) Hash identifier: ZgvF0LPi+6oSoU4YYzWO7XQszPaheuf7ALAaDvk6hNI= Subject key identifier: 2A:E3:F9:4B:5F:1D:DF:07:FA:B1:80:44:88:02:C4:5E:33:10:7D:E2 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019ACA17C4F994C50A4562B54BF551A747E6 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KuP5S18d3wf6sYBEiALEXjMQfeI.roa Signing time: Fri 28 Nov 2025 10:52:26 +0000 ROA not before: Fri 28 Nov 2025 10:52:26 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 208024 IP address blocks: 109.176.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ca:17:c4:f9:94:c5:0a:45:62:b5:4b:f5:51:a7:47:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 28 10:52:26 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=2ae3f94b5f1ddf07fab180448802c45e33107de2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c1:ad:4f:3b:d5:47:78:5f:d5:36:35:d4:55: 25:d5:76:6f:88:3a:37:5b:77:e0:78:57:10:78:c0: 8c:b3:2a:14:75:b4:b6:fe:e5:3e:e4:8e:c9:a0:5e: de:7c:bc:8d:f5:64:73:d9:c0:14:54:8a:d2:24:71: 9d:14:ec:37:ee:c4:f5:52:13:91:59:23:af:09:4a: 42:36:1f:ff:3f:7d:2c:2d:dc:f3:31:99:d8:e0:ff: 6f:1a:36:d5:90:73:fa:01:50:e9:e7:6b:37:44:fa: f0:04:ac:d6:9f:21:49:25:71:6b:9f:c0:49:86:01: 4d:be:34:f4:d6:c4:88:c8:5f:53:ef:9d:42:47:04: 99:eb:fa:de:42:3a:34:04:eb:dc:e2:99:4d:23:35: 36:e7:b5:d5:da:dc:64:65:3a:bf:36:f7:9e:7f:80: 7d:96:69:89:74:e3:03:81:cd:b7:80:6e:e2:03:53: df:02:53:c2:71:ae:36:47:5b:2d:6b:27:60:14:eb: 34:57:a1:fd:74:ff:fd:f0:a5:dd:15:e1:8e:c7:be: f6:b3:b6:a6:68:1e:d0:eb:d2:cd:0b:b8:35:a0:68: 69:c4:0d:3c:6e:51:0e:96:c5:8d:9d:49:0f:84:07: 13:6d:6b:e5:91:0d:b7:b7:4f:da:ab:79:e2:31:2e: 1e:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:E3:F9:4B:5F:1D:DF:07:FA:B1:80:44:88:02:C4:5E:33:10:7D:E2 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KuP5S18d3wf6sYBEiALEXjMQfeI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.176.250.0/24 Signature Algorithm: sha256WithRSAEncryption 44:09:80:43:19:e4:b3:03:f9:45:56:13:2b:21:74:d8:ae:40: 1b:41:1f:72:3a:b5:48:d2:a9:bd:97:4f:e6:c9:a0:e9:03:34: 8b:e8:3a:d1:db:08:a2:ed:cc:85:29:2f:dd:d1:9b:ee:e7:f9: 78:4d:a9:e7:89:11:0d:bd:8a:17:22:d3:1d:c9:54:79:60:64: b4:a0:74:78:38:b6:78:12:d3:b9:7f:40:aa:8b:d1:c0:a4:ba: b6:2f:ef:88:df:c5:80:d8:72:dd:2f:5e:25:20:df:ed:44:39: 2d:57:de:cf:c2:d5:1e:3e:c2:23:56:b3:5b:34:dc:c9:4f:08: 22:d7:2f:84:5b:80:bb:6e:90:a7:89:8a:89:3e:69:25:66:9a: 1c:38:01:fe:ce:23:2d:04:36:42:18:7e:89:9a:5b:0a:93:fa: 88:09:c9:67:8d:13:10:19:e5:b6:cd:05:b1:2b:e1:bb:01:09: 66:be:c7:ea:66:b3:7a:99:2c:b6:97:b2:f8:61:c6:26:2c:18: 4e:0f:85:c8:44:0c:55:4a:6f:95:5e:b4:d1:5c:fa:7a:af:58: 15:cf:8e:d3:4a:04:14:51:72:d4:7e:d8:d3:03:3a:ee:5c:6d: 69:45:92:b7:c7:38:69:d9:97:6b:57:43:1c:53:50:55:de:67: 9f:9c:80:06 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZrKF8T5lMUKRWK1S/VRp0fmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTI4MTA1MjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWUzZjk0YjVmMWRkZjA3ZmFiMTgwNDQ4ODAyYzQ1ZTMzMTA3ZGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sGtTzvVR3hf1TY11FUl1XZviDo3 W3fgeFcQeMCMsyoUdbS2/uU+5I7JoF7efLyN9WRz2cAUVIrSJHGdFOw37sT1UhOR WSOvCUpCNh//P30sLdzzMZnY4P9vGjbVkHP6AVDp52s3RPrwBKzWnyFJJXFrn8BJ hgFNvjT01sSIyF9T751CRwSZ6/reQjo0BOvc4plNIzU257XV2txkZTq/Nveef4B9 lmmJdOMDgc23gG7iA1PfAlPCca42R1staydgFOs0V6H9dP/98KXdFeGOx772s7am aB7Q69LNC7g1oGhpxA08blEOlsWNnUkPhAcTbWvlkQ23t0/aq3niMS4euQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCrj+UtfHd8H+rGARIgCxF4zEH3iMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvS3VQNVMxOGQzd2Y2c1lCRWlBTEVYak1RZmVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD6MA0G CSqGSIb3DQEBCwUAA4IBAQBECYBDGeSzA/lFVhMrIXTYrkAbQR9yOrVI0qm9l0/m yaDpAzSL6DrR2wii7cyFKS/d0Zvu5/l4TanniRENvYoXItMdyVR5YGS0oHR4OLZ4 EtO5f0Cqi9HApLq2L++I38WA2HLdL14lIN/tRDktV97PwtUePsIjVrNbNNzJTwgi 1y+EW4C7bpCniYqJPmklZpocOAH+ziMtBDZCGH6JmlsKk/qICclnjRMQGeW2zQWx K+G7AQlmvsfqZrN6mSy2l7L4YcYmLBhOD4XIRAxVSm+VXrTRXPp6r1gVz47TSgQU UXLUftjTAzruXG1pRZK3xzhp2ZdrV0McU1BV3mefnIAG -----END CERTIFICATE-----Generated at Sat Dec 6 15:39:25 2025 by rpki-client